Secrets Manager secret policies should not allow wildcard principals

Description

Secrets Manager secret resource policies should not grant access to wildcard principals (Principal: "*"). Wildcard principals allow any AWS account or unauthenticated user to access the resource, creating a significant security risk.

Remediation

Update the resource policy to specify explicit principals. For guidance, refer to Resource-based policies for Secrets Manager.